But, but ... you can use the same keystore since it is capable of doing it. What you need is the <ssl> entries in the listeners that point to the nick-name "s1as", or better yet, make them use one of your certs! That should not be hard.
Just look for: <ssl> elements and set the cert-nickname attribute on it to "mycert" or something like that.
Also, if you choose to use your own keystore and truststore, note that you can't use the -Djavax.net.ssl.trustStore and .keyStore properties because server already makes them point to truststore.jks and keystore.jks respectively.
-Kedar
[Message sent by forum member 'km' (km)]
http://forums.java.net/jive/thread.jspa?messageID=316582